A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote malicious user to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.
Over 526,000 Windows computers —mainly Windows servers— have been infected with Monero mining software by a group that operates the biggest such botnet known to date.
This group's operations have been known to security researchers since last year, and various companies have published reports on its activity. Because the botnet is so massive and widespread, most previous reports covered only a fraction of the group's entire operation.
The most recent reports that have gotten to th...
The unusual decision Microsoft made to release patches on Tuesday for unsupported versions of Windows was prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak.
The worst of the bunch, an attack called ExplodingCan (CVE-2017-7269), targets older versions of Microsoft’s Internet Information Services (IIS) webserver, version 6.0 in particular, and enables an attacker to gain remote code execution on a Windows 2003 server.
All three attacks allow a...